package com.ktjiaoyu.crm.config.shiro;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * shiro配置类
 */
@Configuration
public class ShiroConfig {

    @Bean   //装配自定义Realm
    public MyShiroRealm myShiroRealm(){

        return new MyShiroRealm();
    }

    @Bean   //装配安全管理器
    public SecurityManager defaultWebSecurityManager(){

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //注入自定义Realm
        securityManager.setRealm(myShiroRealm());

        return securityManager;
    }

    @Bean //装配过滤器
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager manager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //注入SecurityManager
        shiroFilterFactoryBean.setSecurityManager(manager);
        //权限验证：使用fileter控制资源访问
        return shiroFilterFactoryBean;
    }

}
